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I, REAL PARTY IN INTEREST 

The real party in interest of the instant apphcation is the assignee, Hewlett-Packard 
Development Company, L.P. 

II. RELATED APPEALS AND INTERFERENCES 

There are no known related appeals and interferences that will affect or be affected by a 
decision in this appeal. 

III. STATUS OF THE CLAIMS 

Claims 1-19 are pending in the present application. The final Office Action of May 3, 
2005, rejected claims 1-14, 16, 17, and 19 under 35 U.S.C. §103 as allegedly unpatentable over 
Hayes (U.S. Patent No. 6,339,826) in view oiDeo (U.S. Patent No. 5,720,033). In addition, the 
final Office Action rejected claims 15 and 18 under 35 U.S.C. §103 as allegedly unpatentable 
over Hayes in view of Deo and further in view of Ahlberg (U.S. Patent No. 6,587,836). 

IV. STATUS OF AMENDMENTS 

No amendments have been made or requested since the mailing of the final Office 
Action. A copy of the current claims is attached hereto as Appendix A. 
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V. SUMMARY OF CLAIMED SUBJECT MATTER 



A computer system (e.g., reference numeral 50) of some embodiments comprises a 
display device (e.g., reference numeral 34) having a screen for displaying images. The 
computer system also comprises a security application (e.g., reference numeral 52) defining a 
list of security rules for locking down resources of the computer system (e.g., page 9, lines 5-8, 
and page 13, lines 13-17). The security application is configured to categorize the rules into a 
plurality of categories and to display at least one of said categories on said screen (e.g., page 18, 
lines 4-5 and 9-11; page 22, lines 19-21; and Figure 3). The security application is configured 
to determine which of the rules are associated with the one category in response to a selection of 
the one category by a user of the computer system and to display on the screen each of the rules 
associated with the one category in response to the selection (e.g., page 18, lines 7-9 and 12-17). 
The security application is fiirther configured to allow the user to enable ones of the rules and to 
cause the computer system to enforce the enabled ones of the rules by modifying a machine 
state of the computer system (e.g., page 23, lines 18-25, and page 24, lines 6-1 1). Different ones 
of the categories respectively pertain to different ones of a plurality of applications, and the rules 
are categorized such that the one category is assigned only to ones of the rules that affect a 
particular application pertaining to the one category (e.g., page 18, lines 7-21). 

In at least one embodiment, the security application, in response to a selection of one of 
the rules, is configured to display help information pertaining to the one rule (e.g., page 17, lines 
13-20). 

A system (e.g., reference numeral 50) of some embodiments comprises means (e.g.. 
Figure 2 and reference numerals 50 and 52) for defining a list of security rules for locking down 
resources of a computer system (e.g., page 9, lines 5-8, and page 13, lines 13-17). The system 
also comprises means (e.g.. Figure 2 and reference numerals 50 and 52) for categorizing the 
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rules into a plurality of categories and means (e.g.. Figure 2 and reference numerals 34, 50, and 
52) for displaying at least one of said categories (e.g., page 18, lines 4-5 and 9-11; page 22, lines 
19-21 ; and Figure 3). The system further comprises means (e.g.. Figure 2 and reference 
numerals 50 and 52) for determining, in response to a selection of the one category, which of the 
rules is associated with the one category, and means for displaying each of the rules determined 
to be associated with the one category (e.g., page 18, lines 7-9 and 12-17). In addition, the 
system comprises means (e.g.. Figure 2 and reference numerals 50 and 52) for enabling ones of 
the rules based on user inputs and means for enforcing each of the enabled rules (e.g., page 23, 
lines 18-25, and page 24, lines 6-1 1). The different ones of the categories respectively pertain to 
different ones of a plurality of applications, and the categorizing means is configured to assign 
the one category only to ones of the rules that affect a particular application pertaining to the one 
category (e.g., page 18, lines 7-21). 

A method of some embodiments comprises locks down resources of computer systems. 
The method comprises defining a list of security rules for locking down resources of a computer 
system (e.g., reference numeral 50) and categorizing the rules into a plurality of categories (e.g., 
page 9, lines 5-8; page 13, lines 13-17; page 18, lines 4-5). Different ones of the plurality of 
categories pertain to different ones of a plurahty of applications (e.g., page 18, lines 5-9). The 
method also comprises displaying at least one of the categories (e.g. page 18, lines 9-11, and 
page 22, lines 19-21; and Figure 3). The method fiirther comprises determining, in response to 
a selection of the one category, which of the rules is associated with the one category and 
displaying each of the rules determined to be associated with the one category (e.g., page 18, 
lines 7-21). In addition, the method comprises enabling ones of the rules and enforcing each of 
the enabled rules based on the enabling (e.g., page 23, lines 18-25, and page 24, lines 6-11). 
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The categorizing comprises assigning the one category only to ones of the rules that affect a 
particular application pertaining to the one category (e.g., page 18, lines 7-21). 

VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

Claims 1-14, 16, 17, and 19 are rejected under 35 U.S.C. §103 as allegedly unpatentable 
over Hayes (U.S. Patent No. 6,339,826) in view of Deo (U.S. Patent No. 5,720,033). 

Claims 15 and 18 are rejected under 35 U.S.C. §103 as allegedly unpatentable over 
Hayes in view of Deo and further in view of Ahlberg (U.S. Patent No. 6,587,836). 

VII. ARGUMENT 

In order for a claim to be properly rejected under 35 U.S.C. §103, the combined 
teachings of the prior art references must suggest all features of the claimed invention to one of 
ordinary skill in the art. See, e.g.. In Re Dow Chemical Co., 837 F.2d 469, 5 U.S.P.Q.2d 1529, 
1531 (Fed. Cir. 1988), and In re Keller, 642 F.2d 413, 208 U.S.P.Q. 871, 881 (C.C.P.A. 1981). 
In addition, "(Ohe PTO has the burden under section 103 to establish a prima facie case of 
obviousness. It can satisfy this burden only by showing some objective teaching in the prior art 
or that knowledge generally available to one of ordinary skill in the art would lead that 
individual to combine the relevant teachings of the references." In re Fine, 837 F.2d 1071, 5 
U.S.P,Q.2d 1596, 1598 (Fed. Cir. 1988) (Citations omitted). 
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Discussion of 35 U.S.C. §103 Rejections of Claims 1-14, 16, 17, and 19 



Claim 1 presently stands rejected in the final Office Action under 35 U.S.C. §103 as 
allegedly unpatentable over Hayes (U.S. Patent No. 6,339,826) in view of Deo (U.S. Patent No. 
5,720,033). Claims 5 and 9 comprise similar claimed limitations which are missing fi:-om the 
alleged combination of Hayes and Deo (with respect to the outstanding 35 U.S.C. §103 
rejections) as claim 1. Claims 2-4, 6-8, 10-14, 16, 17, and 19 depend fi^om a respective one of 
the claims 1, 5, and 9. Therefore, claim 1 is discussed below as an exemplary claim for 
discussion. 

Claim 1 presently reads as follows: 

1 . A computer system, comprising: 

a display device having a screen for displaying images; and 
a security application defining a list of security rules for locking down 
resources of said computer system, said security application configured to 
categorize said rules into a plurality of categories and to display at least one of 
said categories on said screen, said security application configured to determine 
which of said rules are associated with said one category in response to a 
selection of said one category by a user of said computer system, said security 
application configured to display on said screen each of said rules associated 
with said one category in response to said selection, said security application 
further configured to allow said user to enable ones of said rules and to cause 
said computer system to enforce said enabled ones of said rules by modifying a 
machine state of said computer system, wherein different ones of said 
categories respectively pertain to different ones of a plurality of applications 
and wherein said rules are categorized such that said one category is assigned 
only to ones of said rules that affect a particular application pertaining to said 
one category. (Emphasis added). 

Applicants respectfiiUy assert that the alleged combination of Hayes and Deo fails to suggest at 

least the features of claim 1 highlighted hereinabove. Accordingly, the 35 U.S.C. §103 rejection 

of claim 1 is improper. 

In this regard, it is candidly admitted in the final Office Action that Hayes does not 

disclose the highlighted features of claim 1 . However, it is alleged in the final Office Action 

that "Deo teaches associating security rules with particular applications (column 2, lines 43-67, 
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i.e. entity type - the basic object type that will be used to define a security feature for a particular 
application)." However, merely alleging that the cited art "associat(es) security rules with 
particular applications" is insufficient for establishing a prima facie case of obviousness with 
respect to the highlighted features of claim 1. 

hi particular, '\o)n the issue of obviousness, the combined teachings of the prior art as a 
whole must be considered." EWP Corp, v. Reliance Universal Inc., 755 F.2d 898, 225 U.S.P.Q. 
20, 25 (Fed. Cir. 1985). Even if it is assumed arguendo that it is obvious to associate security 
rules with particular applications, as alleged in the final Office Action, it does not necessarily 
follow that it would be obvious to categorize rules into categories to be displayed such that only 
rules pertaining to the same application are displayed in response to a selection of the displayed 
category. Lideed, Deo describes how rules are defined but, as a whole, does not appear to focus 
on the manner in which the defined rules and the categories of such rules should be displayed. 
Moreover, when the teachings of Hayes and Deo are properly considered as a whole, it becomes 
apparent ihoXDeo does not remedy the admitted deficiency oi Hayes. 

For at least the above reasons. Applicants respectfully assert that Deo fails to suggest 
modification of the displayed categories Hayes such that a selection of one of the displayed 
categories results in the display of "each of said rules associated with said one category. . . 
wherein different ones of said categories respectively pertain to different ones of a plurality of 
applications and wherein said rules are categorized such that said one category "is assigned only 
to ones of said rules that affect a particular application pertaining to said one category," as 
described by claim 1. Accordingly, the 35 U.S.C. §103 rejection of claim 1 is improper and 
should be overruled. 

hi addition to the reasons set forth above, Applicants respectfully assert that the 35 
U.S.C. §103 rejection of claim 1 is improper because the final Office Action fails to establish a 
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sufficient reason or motivation for combining Hayes and Deo, In this regard, "(o)bviousness 
cannot be established by combining the teachings of the prior art to produce the claimed 
invention, absent some teaching or suggestion supporting the combination. Under section 103, 
teachings of references can be combined only if there is some suggestion or incentive to do so." 
ACS Hospital Systems, Inc, v. Montefiore Hospital, 732 F.2d 1572, 1577, 221 U.S.P.Q. 929, 
933 (Fed. Cir. 1984) (emphasis in original). Applicant respectfully asserts that the final Office 
Action fails to establish a sufficient reason or motivation for combining Hayes with Deo and, 
therefore, fails to establish a prima facie case of obviousness. 
In this regard it is asserted in the Office Action that: 

"10. It would have been obvious to one of ordinary skill in the art at the time 
the invention was made wherein different ones of said categories respectively 
pertain to different ones of a plurality of applications and wherein said rules are 
categorized such that said one category is assigned only to ones of said rules that 
affect a particular application pertaining to said one category, since Deo states at 
column 2, lines 43-49 that such a modification would provide a security platform 
adaptable to a variety of applications, provide a uniform system-wide security 
capability thereby making the system more secure, and allows the 
implementation and modification of security measures quickly and easily." 

However, there is nothing in the cited art to suggest that Hayes suffers firom any problems that 

would be remedied by the alleged solutions provided by Deo. In this regard, there is nothing in 

Hayes to indicate that it provides a "security platform" not "adaptable to a variety of 

applications" or that it does not provide a "uniform system-wide security capability." In 

addition, there is nothing to indicate that Hayes does not allow "implementation and 

modification of security measures" that are "quick" and "easy." 

In fact, the final Office Action fails to establish that there is any apparent deficiency in 

Hayes that would motivate one of ordinary skill in the art to combine Deo with Hayes. 

Moreover, where there is no apparent disadvantage present in a particular prior art reference, 

then generally there can be no motivation to combine the teaching of another reference with the 
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particular prior art reference. Winner Intl Royalty Corp. v. Wang, 202 F.3d 1340, 1349, 53 
U.S.P.Q.2d 1580 (Fed, Cir. 2000). 

For at least the above reasons. Applicants respectfully assert that the final Office Action 
fails to establish a sufficient motivation for combining //ayes and Deo, and the 35 U.S.C. §103 
rejection of claim 1 is improper for at least this reason. "Our case law makes clear that the best 
defense against the subtle but powerful attraction of a hindsight-based obviousness analysis is 
rigorous application of the requirement for a showing of the teaching or motivation to combine 
prior art references." In re Dembiczcak, 175 F.3d 994, 50 U.S.P.Q.2d 1614, 1617 (Fed. Cir. 
1999). Accordingly, Applicants respectfully request that the 35 U.S.C. §103 rejection of claim 
1 be overruled. 

Discussion of 35 U.S.C. §103 Rejections of Claims 15 and 18 

Claim 15 presently stands rejected in the final Office Action under 35 U.S.C. §103 as 
allegedly unpatentable over Hayes (U.S. Patent No. 6,339,826) in view of Deo (U.S. Patent No. 
5,720,033) and further in view of Ahlberg (U.S. Patent No. 6,587,836). Claim 18 comprises 
similar claimed limitations which are missing fi-om the alleged combination of Hayes, Deo, and 
Ahlberg (with respect to the outstanding 35 U.S.C. §103 rejections) as claim 15. Therefore, 
claim 1 5 is discussed below as an exemplary claim for discussion. 

Claim 15 reads "wherein said security application, in response to a selection of one of 
said rules, is configured to display help information pertaining to said one rule." Applicants 
respectfully assert that the alleged combination fails to suggest such features. 
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In this regard, it is asserted in the final Office Action that: 

"19. Regarding claim 1 5, Hayes and Deo do not disclose wherein said 
security application, in response to a selection of one of said rules, is configured 
to display help information pertaining to said one rule. 
20. Ahlberg teaches wherein said security application, in response to a 
selection of one of said rules, is configured to display help information 
pertaining to said one rule (column 15, lines 18-33)." 

However, the cited section of Ahlberg discloses launching a help engine in response to selection 

of a "help menu option." Thus, the display of help information is not "in response to a selection 

of one of said (security) rules," as recited by claim 15, but is rather in response to a selection of 

a "help menu option." Further, there is nothing in the alleged combination to suggest that 

displaying of help information, as allegedly described hy Ahlberg, should be performed in 

response to a selection of one of the alleged "security rules" of Hayes or Deo instead of the 

"help menu option" described by Ahlberg, Therefore, the final Office Action fails to establish a 

prima facie case of obviousness with respect to each feature of claim 15. 

In addition, claim 15 depends fi-om and, therefore, includes all of the limitations of its 
independent claim 1, Further, Ahlberg does not suggest the features missing fi-om the alleged 
combination of Hayes and Deo as described above in the Discussion of 35 U.S.C. §103 
Rejections of Claims 1-14, 16, and 17. Thus, the alleged combination oi Hayes, Deo, and 
Ahlberg also fails to suggest such features. 

For at least the above reasons. Applicants respectfiiUy assert that the 35 U.S.C. §103 
rejection of claim 15 is improper and should be overruled. 
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CONCLUSION 

Based on the foregoing discussion. Applicants respectfully request that the Examiner's 
final rejections of claims 1-19 be overruled and withdrawn by the Board, and that the 
application be allowed to issue as a patent with all pending claims. 

Respectfully submitted, 



THOMAS, KAYDEN, HORSTEMEYER 
& RISLEY, L.L.P. 




Reg. No. 41,077 

(256) 704-3900 Ext. 103 



Hewlett-Packard Company 
Intellectual Property Administration 
P.O. Box 272400 

Fort Collins, Colorado 80527-2400 
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AUG 2 9 2005 ^ yill. CLAIMS - APPENDIX 

1 . A computer system, comprising: 

a display device having a screen for displaying images; and 

a security application defining a list of security rules for locking down resources of said 
computer system, said security application configured to categorize said rules into a plurality of 
categories and to display at least one of said categories on said screen, said security application 
configured to determine which of said rules are associated with said one category in response to 
a selection of said one category by a user of said computer system, said security application 
configured to display on said screen each of said rules associated with said one category in 
response to said selection, said security application further configured to allow said user to 
enable ones of said rules and to cause said computer system to enforce said enabled ones of said 
rules by modifying a machine state of said computer system, wherein different ones of said 
categories respectively pertain to different ones of a plurality of applications and wherein said 
rules are categorized such that said one category is assigned only to ones of said rules that affect 
a particular application pertaining to said one category. 

2. The computer system of claim 1, wherein said computer system further comprises 
memory storing various computer applications, and wherein said security application is further 
configured to determine which computer applications are stored in said memory and to display 
said categories based on a determination by said security application as to which computer 
applications are stored in said memory. 
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3. The system of claim 1, wherein said one category is displayed on said screen by said 
security application in response to a selection of another category by said user. 

4. The system of claim 1, wherein said one category is a sub-category of another of said 
categories. 

5. A system for locking down resources of computer systems, comprising: 
means for defining a list of security rules for locking down resources of a computer 

system; 

means for categorizing said rules into a plurality of categories; 
means for displaying at least one of said categories; 

means for determining, in response to a selection of said one category, which of said 
rules is associated with said one category; 

means for displaying each of said rules determined to be associated with said one 
category; 

means for enabling ones of said rules based on user inputs; and 
means for enforcing each of said enabled rules, 

wherein different ones of said categories respectively pertain to different ones of a 
plurality of applications and wherein said categorizing means is configured to assign said one 
category only to ones of said rules that affect a particular application pertaining to said one 
category. 
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6. The system of claim 5, further comprising: 
means for storing various computer appUcations; 

means for identifying which computer apphcations are stored in said storing means; and 
means for displaying said categories based on which computer applications are 
identified by said identifying means. 

7. The system of claim 5, further comprising: 
means for selecting another of said categories; and 

means for displaying said one category in response to a selection by said selecting 

means. 

8. The system of claim 5, wherein said one category is a sub-category of another of said 
categories. 
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9. A method for locking down resources of computer systems, comprising: 
defining a list of security rules for locking down resources of a computer system; 
categorizing said rules into a plurality of categories, wherein different ones of the 

plurality of categories pertain to different ones of a plurality of applications; 
displaying at least one of said categories; 

determining, in response to a selection of said one category, which of said rules is 
associated with said one category; 

displaying each of said rules determined to be associated with said one category; 
enabling ones of said rules; and 

enforcing each of said enabled rules based on said enabling, 

wherein said categorizing comprises assigning said one category only to ones of said 
rules that affect a particular application pertaining to said one category. 

10. The method of claim 9, wherein said computer system has memory and said method 
further comprises: 

storing various computer applications in said memory; 
determining which computer applications are stored in said memory; and 
displaying said categories based on said determining which computer applications are 
stored in said memory. 
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1 1 . The method of claim 9, further comprising: 
selecting another of said categories; and 

displaying said one category in response to said selecting. 

12. The method of claim 9, wherein said one category is a sub-category of another of 
said categories. 

13. The system of claim 1 , wherein each of said rules is assigned to a respective one of 
said categories based on whether said each rule controls access to an application pertaining to 
said respective one category. 

14. The system of claim 1, wherein each of said categories is assigned only to ones of 
said security rules that affect a respective one of said applications pertaining to said each 
category. 

15. The system of claim 1, wherein said security application, in response to a selection 
of one of said rules, is configured to display help information pertaining to said one rule. 

16. The method of claim 9, wherein said categorizing comprises assigning each of said 
rules to a respective one of said categories in response to a determination that said each rule 
controls access to an application pertaining to said respective one category. 
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17. The method of claim 9, wherein each of said categories pertains to only a respective 
one of said applications. 

18. The method of claim 9, further comprising: 
selecting one of said rules; and 

displaying help information pertaining to said one rule in response to said selecting. 

19. The method of claim 9, further comprising making said selection in response to a 
determination that said one category pertains to said particular application. 
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IX. EVIDENCE - APPENDIX 

None. 
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X. RELATED PROCEEDINGS - APPENDIX 

None. 
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